Imagine this scenario: your algorithm has pulled up a background YouTube video, or maybe a podcast. Unbeknownst to you, hackers have embedded inaudible sounds in it, designed to hijack your smart speaker or phone’s AI assistant — meaning the cybercriminals can now access your private photos, bank accounts, or any other personal information you’ve hooked up to your AI system.

It sounds like an also-ran episode of “Black Mirror,” but it’s exactly what researchers have shown is possible in new research being presented this week at the IEEE Symposium on Security and Privacy.

Basically, a team of researchers in China and Singapore found that they can construct “adversarial audio,” completely undetectable to the human ear, that tricks voice AI models into doing things they shouldn’t. Then it’s a breeze to hide it in innocent-sounding audio — a song, a movie, or anything else that unsuspecting targets might play in the background — and lay in wait for users to accidentally compromise their digital lives.

“It takes just half an hour to train this signal, and then, because this signal is context-agnostic, you can use it to attack the target model whenever you want, no matter what the user says,” lead author Meng Chen, a PhD candidate at China’s Zhejiang University, told IEEE Spectrum of the work. “These single-point defenses struggle to resist our attack because we found it’s very hard for these models to distinguish the normal user intent and our adversary attack.”

One catch, at least for now: the technique required the hackers to have access to the full weights of the AI model they’re targeting, meaning they were only able to attack open source models. But because many commercial AI systems are built on open source models, that meant that their exploit was effective against mainstream products by Microsoft and Mistral.

Mistral didn’t respond to IEEE‘s request for comment, but Microsoft issued a statement that should probably give anyone pause before connecting any important information whatsoever to one of the company’s voice AI models.

“We appreciate the researchers’ work to advance understanding of this type of technique,” it read. “This study evaluates model resilience through controlled, direct interactions with the model itself, which helps inform our approach to building model resiliency. In practice, AI models are often integrated into user applications, and we offer developers tools and guidance they can use to implement additional layers of protection that help safeguard users.”

More on AI: Researchers Alarmed by AI That Can Self-Replicate Into Another Machine

The post Hackers Find That Inaudible Sounds Hidden in Podcasts or Random Videos Can Hijack Your AI Voice Chatbot appeared first on Futurism.

Like data centers, automatic license plate readers (ALPRs) are incredibly unpopular with voters around the US. Plenty of local politicians are taking the hint, choosing to cancel controversial surveillance contracts with the granddad of ALPR companies, Flock Safety.

In the tiny town of Bandera, Texas, however, one petty tyrant on the city council took personal offense after his fellow politicians voted 3-2 to immediately end their contract with Flock earlier this month. After voting, the dissenting councilmember, identified by 404 Media as Jeff Flowers, immediately went on the offensive, threatening to outlaw virtually all forms of modern technology and take the town “back to 1880.”

In a statement shared by the town newspaper the Bandera Bulletin, Flowers addressed the roughly 900 residents who call the town home.

“For months, I have listened to the outcry regarding [ALPR] technology,” he scathed. “I have seen the eyerolls, and I’ve even been met with ‘Nazi rhetoric,’ the dangerous claim that believing in accountability and community safety is somehow equivalent to totalitarianism. Comparing a neighbor’s desire for a safe street to a dark chapter of history is a classic case of comparing apples to oranges; it is a distraction used to avoid the reality of the threats our town faces today.”

“Since the Council has decided we are the ‘Free State of Bandera,’ a place where the ‘rights’ of a car thief or human trafficker to remain anonymous apparently outweigh the right of a resident to protect their property and the safety of their family, then we must go all the way,” Flowers continued his rant.

“To ensure our historic County Seat becomes the most ‘traditional’ sanctuary in Texas, I have requested… a total ban on all cellular and GPS-capable devices for all operations within city limits,” the councilman raged. “If we are to be truly ‘private,’ we must leave our smartphones at the city line.”

Continuing his childish crashout, Flowers also proposed a ban on all commercial and residential security cameras, as well as a “total total termination of all internet services and electronic record-keeping.”

“We are going back to 1880, paper ledgers and cash only,” he seethed.

Back in February, Flowers moderated a town hall meeting exclusively meant to discuss the Flock contract, which brought eight ALPRs into the one-horse town. During another February meeting, Flowers accused opponents of the private surveillance company of having something to hide, saying “I believe personally that guilty people act defensively.”

“If you don’t have anything to hide, then it shouldn’t be a problem,” he carried on. “I also believe when you are in a public space, your privacy kind of goes out the window because you are in essence in a public place.”

More on surveillance: Man Trapped in Dystopian Nightmare Thanks to AI Surveillance Cameras Flagging His Every Move

The post Town Councilmember Goes Berzerk at Surveillance Camera Ban, Threatens to Outlaw Virtually All Modern Technology appeared first on Futurism.